Table of Contents
Advertisement
Authentication
Advanced Settings
Vigor1000 Series User's Guide
Type – There are two types for you to choose for
authentication.
If you choose Certificate as the Type, you have to specify
one of the local certificates.
If you choose Pre-Shared Secret as the Type, you have to
type and confirm the shared secret. IPSec remote dial-in
clients will use the given secret.
Phase 1 (IKE) - Negotiation of IKE parameters including
encryption, hash, Diffie-Hellman parameter values, and
lifetime to protect the following IKE exchange,
authentication of both peers using either a Pre-Shared Key
or Digital Signature (x.509). The peer that starts the
negotiation proposes all its policies to the remote peer and
then remote peer tries to find a highest-priority match with
its policies.
Phase 2 (IPSec) - Negotiation IPSec security methods
including Authentication Header (AH) or Encapsulating
Security Payload (ESP) for the following IKE exchange
and mutual examination of the secure tunnel establishment.
153
Advertisement
Table of Contents
